EUVD-2020-30878

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system...

CVE-2020-36965 docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)

docPrint Pro 8.0 contains a local buffer overflow vulnerability in the 'Add URL' input field that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload that triggers a structured exception handler SEH overwrite to execute shellcode and gain remo...

CVE-2020-36991

ShareMouse 5.0.43 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the insecure service path configuration by placing malicious executables in specific system directories to gain...

CVE-2026-24747

A flaw was found in PyTorch, a Python package for tensor computation. A remote attacker could craft a malicious checkpoint file, which, when loaded using the weightsonly unpickler, could lead to memory corruption. This vulnerability may enable an attacker to achieve arbitrary code execution on th...

Cross-site Scripting (XSS)

Overview billboard.js is a Re-usable easy interface JavaScript chart library, based on D3 v4+ Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper sanitization in the chart option binding. An attacker can execute arbitrary JavaScript code by supplying crafted...

Cross-site Scripting (XSS)

Overview org.webjars.npm:billboard.js is a Re-usable easy interface JavaScript chart library, based on D3 v4+ Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper sanitization in the chart option binding. An attacker can execute arbitrary JavaScript code by...

10-Strike Network Inventory Explorer security vulnerabilities

10-Strike Network Inventory Explorer is a scanning software developed by 10-Strike Corporation. It is used to track hardware and software on network computers. Version 8.65 of 10-Strike Network Inventory Explorer contains a security vulnerability caused by buffer overflow in exception handling,...

VeryPDF docPrint Pro security vulnerability

VeryPDF docPrint Pro is a virtual printer and document conversion software developed by VeryPDF Corporation. Version 8.0 of VeryPDF docPrint Pro contains a security vulnerability. This vulnerability stems from a local buffer overflow in the “Add URL” input field, which could allow for the executi...

Gear Box Computers IP Watcher code issues and vulnerabilities

Gear Box Computers IP Watcher is a network monitoring tool developed by Gear Box Computers. Version 3.0.0.30 of Gear Box Computers IP Watcher has a code vulnerability; this vulnerability stems from Windows service configurations that include service paths without quotes, which may allow arbitrary...

PT-2026-5111

IP Watcher 3.0.0.30 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated LocalSystem privileges...

CVE-2022-40620

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker suitably positioned on the network could intercept the update request and deliver a...

RHEL 9 : openssl (RHSA-2026:1473)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1473 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

ROS-20260128-73-0044

Vulnerability in kernel-lt related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

ROS-20260128-73-0048

Vulnerability in kernel-lt related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2026-24747

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to...

ALSA-2026:1472 Important: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187...

AlmaLinux 10 : openssl (ALSA-2026:1472)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1472 advisory. openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS12 file CVE-2025-11187 openssl: OpenSSL: Remote code execution or...

USN-7982-1: FFmpeg vulnerabilities

It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. CVE-2025-59728 It was...

AZL-75588 CVE-2026-24747 affecting package pytorch for versions less than 2.0.0-14

PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to...

CVE-2025-57785

A Double Free in XSLT showindex has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to corrupt data which may lead to arbitrary code execution...